(Visual FoxPro) Create a JWS Using ECDSA P-521 SHA-512

Creates and verifies a JSON Web Signature (JWS) that uses ECDSA P-521 SHA-512

Note: This example requires Chilkat v9.5.0.66 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL loSbJwk
LOCAL loEccKey
LOCAL lnSuccess
LOCAL loJwsProtHdr
LOCAL loJws
LOCAL lnSignatureIndex
LOCAL lnBIncludeBom
LOCAL lcPayloadStr
LOCAL lcJwsCompact
LOCAL loJws2
LOCAL loEccPubKey
LOCAL v
LOCAL loJoseHeader

* This requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* Note: This example requires Chilkat v9.5.0.66 or greater.

* Use the following ECC key loaded from JWK format.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbJwk = CreateObject('Chilkat.StringBuilder')
loSbJwk.Append('{"kty":"EC",')
loSbJwk.Append('"crv":"P-521",')
loSbJwk.Append('"x":"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk",')
loSbJwk.Append('"y":"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2",')
loSbJwk.Append('"d":"AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C"')
loSbJwk.Append("}")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.PrivateKey')
loEccKey = CreateObject('Chilkat.PrivateKey')
* Note: This example loads the ECDSA key from JWK format.  Any format can be loaded
* into the private key object. (See the online reference documentation..)
lnSuccess = loEccKey.LoadJwk(loSbJwk.GetAsString())
IF (lnSuccess <> 1) THEN
    ? loEccKey.LastErrorText
    RELEASE loSbJwk
    RELEASE loEccKey
    CANCEL
ENDIF

* Create the JWS Protected Header
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJwsProtHdr = CreateObject('Chilkat.JsonObject')
loJwsProtHdr.AppendString("alg","ES512")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Jws')
loJws = CreateObject('Chilkat.Jws')

* Set the protected header:
lnSignatureIndex = 0
loJws.SetProtectedHeader(lnSignatureIndex,loJwsProtHdr)

* Set the ECC key:
loJws.SetPrivateKey(lnSignatureIndex,loEccKey)

* Set the payload.
lnBIncludeBom = 0
lcPayloadStr = "In our village, folks say God crumbles up the old moon into stars."
loJws.SetPayload(lcPayloadStr,"utf-8",lnBIncludeBom)

* Create the JWS
* By default, the compact serialization is used.
lcJwsCompact = loJws.CreateJws()
IF (loJws.LastMethodSuccess <> 1) THEN
    ? loJws.LastErrorText
    RELEASE loSbJwk
    RELEASE loEccKey
    RELEASE loJwsProtHdr
    RELEASE loJws
    CANCEL
ENDIF

? "JWS: " + lcJwsCompact

* Note: ECC signatures use random values, so the output will be different each time a signature is produced.
* sample output:
* JWS: eyJhbGciOiJFUzUxMiJ9.SW4gb3VyIHZpbGxhZ2UsIGZvbGtzIHNheSBHb2QgY3J1bWJsZXMgdXAgdGhlIG9sZCBtb29uIGludG8gc3RhcnMu.AFOnOtZ8UTp-ed1PfLfXxwGU7zT_jnmGGxew-d1CP6SfKa5RUhav5mF4szhSof22JaoQ742VIa0eZ0s1rhBnj8y6APr6g6vKzIpYZlJsnjzjUwAjDQOLmcsjxrrRfATh-NEv7G0Z9FrjdJasS44tCG2EnG6aT2TW-sPG0dy5o9jUWCzi

* Now load the JWS, validate, and recover the original text.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Jws')
loJws2 = CreateObject('Chilkat.Jws')

* Load the JWS.
lnSuccess = loJws2.LoadJws(lcJwsCompact)

loEccPubKey = loEccKey.GetPublicKey()

* Set the ECC public key used for validation.
lnSignatureIndex = 0
loJws2.SetPublicKey(lnSignatureIndex,loEccPubKey)
RELEASE loEccPubKey

* Validate the 1st (and only) signature at index 0..
v = loJws2.Validate(lnSignatureIndex)
IF (v < 0) THEN
    * Perhaps Chilkat was not unlocked or the trial expired..
    ? "Method call failed for some other reason."
    ? loJws2.LastErrorText
    RELEASE loSbJwk
    RELEASE loEccKey
    RELEASE loJwsProtHdr
    RELEASE loJws
    RELEASE loJws2
    CANCEL
ENDIF

IF (v = 0) THEN
    ? "Invalid signature.  The ECC key was incorrect, the JWS was invalid, or both."
    RELEASE loSbJwk
    RELEASE loEccKey
    RELEASE loJwsProtHdr
    RELEASE loJws
    RELEASE loJws2
    CANCEL
ENDIF

* If we get here, the signature was validated..
? "Signature validated."

* Recover the original content:
? loJws2.GetPayload("utf-8")

* Examine the protected header:
loJoseHeader = loJws2.GetProtectedHeader(lnSignatureIndex)
IF (loJws2.LastMethodSuccess <> 1) THEN
    ? "No protected header found at the given index."
    RELEASE loSbJwk
    RELEASE loEccKey
    RELEASE loJwsProtHdr
    RELEASE loJws
    RELEASE loJws2
    CANCEL
ENDIF

loJoseHeader.EmitCompact = 0

? "Protected (JOSE) header:"
? loJoseHeader.Emit()
RELEASE loJoseHeader

* Output:
* 	Signature validated.
* 	In our village, folks say God crumbles up the old moon into stars.
* 	Protected (JOSE) header:
* 	{
* 	  "alg": "ES512"
* 	}

RELEASE loSbJwk
RELEASE loEccKey
RELEASE loJwsProtHdr
RELEASE loJws
RELEASE loJws2